Subscribe to our Threatpost Today newsletter

Join thousands of people who receive the latest breaking cybersecurity news every day.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

*

*

I agree to my personal data being stored and used to receive the newsletter

*

I agree to accept information and occasional commercial offers from Threatpost partners

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Apple and FBI Faceoff at House Encryption Hearing

Apple and the FBI vow to work together to find compromise solution in encryption debate.

Representatives from Apple and the FBI testified Tuesday at a House Energy and Commerce Committee hearing on the ongoing encryption debate. Both vowed to work cooperatively to move past the current encryption impasse and find common ground. They also used the hearing to clarify stances on encryption and set the record straight on the FBI’s use of “grey hat” hackers and Apple’s ties to China.

During the hearing, Apple general counsel Bruce Sewell made it clear Apple refused a request by China to to hand over its source code for its iPhone. Sewell was responding to allegations earlier in the hearings suggesting that Apple was more interested a cozy business relationship with China versus cooperating with the U.S. law enforcement in criminal investigations.

“I want to be very clear on this. We have not provided source code to the Chinese government,” Sewell said. “Those allegations have no merit.”

Amy Hess, executive assistant director for science and technology at the FBI, defended its use of hiring a third-party hacker to break into an iPhone owned by Syed Farook, one of the San Bernardino terrorists. She said that working with for-profit hackers wasn’t an ideal situation, but the FBI lacked the capability to crack open the iPhone itself.

During the hearing Hess said the FBI “required services and specialized skills we can only get through third parties.” Hess was grilled by the panel which was critical of the FBI’s inability to open the phone itself.

“I don’t think relying on a third party is a good model,” said representative Diana DeGette, a Democrat from Colorado. Hess conceded that the FBI needs more resources to develop more sophisticated computer forensics tools and hire more expert personnel.

Apple’s Sewell also addressed allegations by law enforcement that came up earlier in the hearing suggesting the phone maker would be encrypting its next-generation iCloud with the same strong encryption as the iPhone. “We have not announced that we are going to apply passcode encryption to the next generation iCloud,” he said.

Sewell and other panelists that represented the tech sector reinforced their position on encryption saying backdoors or intentionally weak encryption would have a devastating impact on U.S. businesses and do nothing to protect against criminals who would look outside the U.S. for encryption solutions.

Lawmakers acknowledged that encryption was not black and white issue. But, by the end of the hearing it was apparent the House Energy and Commerce Committee wasn’t any closer to answering the question of whether the government should have the ability to lawfully access encrypted technology and communications.

“It’s been five-and-half years and I’ve been hearing everyone talk about encryption and not getting anything done. I don’t know what we are waiting for. There has got to be a solution,” said the committee’s chairman Tim Murphy, a Republican from Pennsylvania.

Sewell pointed out over the past five years the private sector and law enforcement have made big strides in working together to help investigators on criminal cases involving encryption. “If we can get out of the lawsuit world, let’s start cooperating more,” Sewell said.

Apple, Sewell said, both strong encryption and law enforcement can work together. He said Apple is already working daily with law enforcement in helping find abducted children and child predators. Tools such as IP logs, which can help pinpoint missing people, and a program called PhotoDNA, used to track child pornography online, are examples where catching the criminal has less to do with what the encrypted data is and more to do with leveraging technology to solve a crime.

Discussion

The more I find out about the; Apple and FBI (with The Department of Justice (DOJ)) Fiasco the more ridiculous it becomes.
If Apple was principally fighting the case only on privacy then if the FBI had continued with the case, instead of adhourning the case, it would have probably won the case.
If Apple had listed all the problems that weak Computer (software and hardware) Systems create then with a competent defence, and counter-attack then it would have won.
If the FBI (DOJ) slandered Apple by stating that it was assisting China, but not The United States, is the equivalent of calling Apple a traitor.
Apple should demand access to the objective proof and prosecute the FBI and DOJ if it verified that they misled or lied.
At the moment, too many people are probably thinking directly or indirectly that Apple is a communist company, because they haven't counter sued and therefore the false allegations by The FBI and DOJ must be correct.
Apple should have asked the FBI and DOJ why didn't they NSA and GCHQ assisted them?
Apple should have asked the FBI and DOJ, in court, how many Security personnels with their families and also friends would be placed in danger if there were backdoors in iPhones when criminals and terriosts get access to the weaknesses?
There are infinite other examples that could be given, which shows how weak Apple's counter attack is.

For what it's worth, the general theory behind the NSA's general disinterest in helping the FBI and other internal organizations in cracking iPhones is due to secret-keeping.
The problem the FBI faces is that if they figure out a way to crack the phone and gather evidence, they then have to explain their methodology in court to ensure that no laws were broken in the process. This would mean that the NSA's methodology would then no longer be secret, and that would be one less weapon the NSA would have at their disposal.
That said, it's my understanding that the beauty of the non-governmental third party is that the FBI doesn't then have to then explain how it accessed the phone's info.

Authors

Threatpost

InfoSec Insider Post

InfoSec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Post

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.